Note the value in the Value column. If the value is <not set>, the default value is in effect as follows:

On a domain controller in a forest that was created on a domain controller running Windows Server 2003 with Service Pack 1 (SP1), Windows Server 2003 with Service Pack 2 (SP2), Windows Server 2008, or Windows Server 2008 R2, the default value is 180 days.

On a domain controller in a forest that was created on a domain controller running Windows 2000 Server, Windows Server 2003, or Windows Server 2003 R2, the default value is 60 days.

The question came up… and a good question I might add… “What if you don’t know what version of the OS was used to initially build the forest?”

If this confusion exists for Directory Service MVPs, then it probably exists for some other folks as well.

There is a very easy (for now) way to ascertain what the tombstone lifetime is.

Run the command “adfind –sc policies”

Read the line that starts with >tombstoneLifetime:

If the line exists, the value listed is your tombstone lifetime in days. If the line doesn’t exist, the tombstone lifetime is 60 days.

But joe, doesn’t the OS version matter? No. The reason it doesn’t matter is that the default didn’t change in the source code for the different OS versions. What changed was a line in a file called schema.ini which sets the value of tombstoneLifetime to whatever other value so if the value isn’t set it is the AD default 60 days.